On Mon, Sep 12, 2011 at 1:52 PM, Dobbins, Roland <rdobb...@arbor.net> wrote: > On Sep 13, 2011, at 3:43 AM, Everton Marques wrote: > >> Would Cisco ISR G2 3925E classify as software-based router? > > Yes. > >> Do you expect it to bend itself down under a few Mbps of 64-byte packets? > > Especially if they're directed at the router itself, at some point, sure - > though the ISR2 certainly has more horsepower than the original ISRs, and > I've personally yet to witness an ISR2 being DDoSed, so I've no feel for the > specific numbers. Features also play a role. > > This isn't to say that the ISR2 isn't a fine router - but rather that one > must be cognizant of performance envelopes prior to deployment in order to > determine suitability to purpose. One can't reasonably expect vendors to > exceed their design constraints in any type of equipment. > > ;> > > One can and should test the specific performance envelope of any prospective > infrastructure purchase, of course. > > ----------------------------------------------------------------------- > Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> > > The basis of optimism is sheer terror. > > -- Oscar Wilde > > >
Lots of devices can have trouble if you direct high PPS to the control plane, and will exhibit performance degradation, leading up to a DoS eventually. That isn't limited to software based routers at all, it will impact dedicated ASICs. Vendors put together solutions for this, to protect the router itself/control plane, whether its a software based routed or ASICs. Now if this was a Microtik with an 1Ghz Intel Atom CPU, sure, lots of things could take that thing offline, even funny looks. But a modern, multi-core/multi-thread system with multi-queued NICs will handle hundreds of thousands of PPS directed to the router itself before having issues, of nearly any packet size. A high end ASIC can handle millions/tens of millions PPS, but directed to the control plane (which is often a general purpose CPU as well, Intel or PowerPC), probably not in most scenarios. I think its very fair for a small/medium sized organization to run software based routers, Vyatta included. -- Brent Jones br...@servuhome.net
